by Orlando Scott-Cowley 13th of March 2015

The Vault Is Dead: Why On-Premises Email Is History

Customers are increasingly trading in their old, bloated, expensive on-premises email archives for cloud services. Over time, these last-century technologies will take their place in the history of computing – the world, technology and the needs of customers have simply moved on.
Old, bloated and expensive on-premises email archives are being swapped for for cloud services.

Old, bloated and expensive on-premises email archives are being swapped for cloud services.
Old, bloated and expensive on-premises email archives are being swapped for cloud services.

Early adopters of email archiving have been staring angrily at their on-premises vault and watching it grow since the end of the last century. As wholly on-premises installations, these solutions were designed to alleviate the long-term email storage problems associated with Microsoft Exchange 5.5 and their rampant PST generation habits. IT departments quickly found that storing email on the primary mail server and stubbing it back to end users’ in-boxes meant their Exchange environment was more stable and efficient.

About 20 years ago, when the concept of an email archive first emerged, IT professionals couldn’t predict what an email archive of the future would look like. They certainly had no idea how large an email infrastructure could get. As users continue to send and receive massive amounts of email, and as attachment sizes continue to grow, old vaults have reached their storage capacity and as a result, demand more new hardware to manage the overflow of data.

The scalability of on-premises archives has been doomed from the beginning, as its growth is at the mercy of allotted IT budgets. IT teams have run out of patience trying to support this now vintage solution.

Then there’s the actual effectiveness, utility and usefulness of on-premises vaults. Historically, email archiving has been the domain of the IT administrator, and in some instances, legal counsel or compliance teams. Generally, the vault would have been deployed to solve either a storage management problem on Exchange, or a compliance and e-discovery problem affecting the business. Neither of these scenarios has any direct benefit for employees whose email is being stored after all – and it is these people who are demanding more of these solutions in today’s corporate environments.

The cloud has become the standard for new archives. The rare ‘greenfield’ email archiving sites where businesses are just setting out on their email retention journey are predominantly in the cloud. Why would you install a cumbersome, expensive and time-limited on-premises archive today, when there are many simple, scalable, innovative cloud alternatives.

Using the cloud for email archiving gives you significant competitive advantages, like:

- More frequent innovation, technology enhancements and features

- Faster upgrade cycles

- Perpetual storage

- No longer tied to the LAN

Then, of course, you have the needs of employees to consider. Never before have they demanded access to so much information, on so many devices, from so many different locations. The rise of consumer cloud and BYOD coupled with the collapse of the network perimeter means employees can’t be chained to their corporate networks anymore. On-premises archives simply don’t support this modern, on-the-go style of working. But in the cloud, access is ubiquitous, data is within reach, and mobile devices are supported. Keeping employees productive and in touch with their corporate memory on a mobile device is hard to do without a cloud archive that can deliver personal archive content through an app.

So there it is. You’re likely tired of your historic enterprise email vault because it’s old, cumbersome and no longer serves a relevant purpose. You’re likely sick of continuing to sign checks to the vendor for yet more storage. It is an expensive habit you surely want to break. The good news is, there is an alternative in the cloud that brings you up to date – and leading industry analysts agree. I recently discussed the benefits of the cloud over on-premises email archiving with Gartner Research Director, Alan Dayley.

Click here to watch the webinar.

by Neil Murray 30th of January 2015

Amazon's WorkMail Is Late to the Party

It’s not David and Goliath. It’s David, without a slingshot, battling a Goliath who has recently beaten David’s more popular brother Google Apps.

Underdog: the trouble for Amazon is that WorkMail is incredibly late and has no stand out features.
Underdog: the trouble for Amazon is that WorkMail is incredibly late and has no stand out features.

The launch of Amazon’s WorkMail makes perfect sense on paper. It should have an offering in the enterprise email server market – its rivals have been in it for years. The trouble for Amazon is that it’s incredibly late and it looks like it has no stand out features. To make matters worse for Amazon, Microsoft unquestionably leads the world in the provision of enterprise email inboxes – both in on-premises Exchange and now in the cloud with Office 365.

Of course, high-profile security breaches such as Sony and Target have heightened the interest of enterprises in the security of their email services. Encryption for email in transit is growing in importance and reflects the critical importance email plays in business, but this is not the be-all and end-all of securing email from snooping eyes, legitimate or otherwise.

Businesses need to be thinking about making their email safe beyond the actual inbox and transit encryption. This is where third-party cloud service providers for email security, archiving and continuity, like Mimecast, come in.

Businesses also have to consider carefully how best to deploy their business critical services in the cloud era – the answer certainly isn’t relying on one vendor for everything. Amazon, Google or Microsoft for that matter. On the other hand, you don’t want a myriad of vendors or you’ll be left paying for, and managing, all this additional technology in the cloud, very much like you are doing on-premise now.

The news about WorkMail doesn’t change this fundamental challenge.

Unseating Microsoft from its position as enterprise email server of choice, with more than 300 million Exchange inboxes out there, will take some revolutionary ideas. Competition is a good thing, of course. Even though we’ve been supporting email services from Google and Microsoft for years, we will look closely at how WorkMail does in the market.

That said, my first assessment of WorkMail from news reports suggests that its basic offering of encryption and calendars, however priced or packaged, won’t be the revolutionary spark Amazon needs to unseat the entrenched competition potentially even within AWS’ own customer base.

But didn’t they say that about David’s chances against Goliath? No, scratch that. This time the big dog does win.

by Orlando Scott-Cowley 23rd of January 2015

Phishing - the Speculative Long Con

There’s been a spate of phishing attacks this month seeking to uncover the user credentials for users of various hosted email services. Gmail, Outlook, Yahoo and AOL have all been targeted.

While some reports of the Outlook.com phish seem to have incorrectly claimed it was sent to all 400 million users of the service. Intruth the phishing email was sent to a handful of email addresses in the hope that some would be users of the popular Microsoft service, and be duped into providing their user credentials.

Phishing hacker The most damaging hacks can start with just a simple phishing attack

We don’t yet know the ultimate goal of the attackers, but we do know they have identified both consumer and business email accounts that use these services. And, that they’re hoping to gain access to that service by duping someone into giving up their user credentials with a convincing looking, but malicious, login page.

Look carefully at the Outlook.com example, and you’ll start to uncover the art of a well-crafted and targeted spear-phishing attack. What we’re seeing, thanks to Chris Boyd and Malwarebytes, could be the start of a well thought out campaign that’s hunting for something quite specific, in effect, the beginnings of a long speculative con. So far, we’ve seen a number of Outlook.com email addresses being targeted, in a seemingly random way, as well as some collateral fallout to other email domains.

The worst case scenario is the attackers know who they are looking for; the best case is that this is random. What’s likely to happen next is that the newly compromised account will be used to target someone, or something else, in order to add an air of legitimacy. The attackers are likely to use a further spear-phishing technique that tricks their target into clicking a link that downloads a malware dropper to their computer.

Once we’re at that stage, we can assume it’ll be game over for the target: their computer will have been compromised, the RAT will likely have given the attackers access, and they’ll be making off with data or moving onto their next target.

All of this could take hours, days, weeks or even months, but be sure the attackers have the patience to wait it out.

For enterprise users, this type of breach could be catastrophic (see Sony Pictures). What starts with a simple phish can end in a whole lot more trouble. Enterprise users are generally well protected by their IT teams, but URIs (URLs in emails) are still not as protected as they should be. Consider how often you click a link in an email without thinking about it, assuming that the IT team have deployed enough protection to keep you safe. In reality, the Outlook.com phish, as well as most other types of spear-phishing, are likely to have made it past your enterprise email security gateway. This is exactly what attackers are relying on – they know a malicious file will never get to you, so they try to trick you into clicking their link.

Therefore, protecting the link is the only real way to defeat this threat, and for the enterprise that means adding another layer to the security stack. A layer that can re-write the link and scan it for malicious end points as it’s delivered to the end user. For business users of Office 365 this means a similar layer of security over and above the already useful Exchange Online Protection.

by Orlando Scott-Cowley 15th of January 2015

Obama’s 30-Day Breach Warning Is Just the Beginning

2014 was a tough year for global computer security. New advanced threats, like spear-phishing, have been grabbing the headlines. Barely a week went by without news of a breach, and few companies are starting the year without a nagging sense of vulnerability.

It’s no surprise, therefore, that this week President Obama unveiled plans for three new laws aimed at better protecting citizens’ data. The ‘Personal Data Notification & Protection Act’ proposal establishes a 30-day notification requirement from the discovery of a breach.

Blast furnace Hackers used spear-phishing to breach a German steelworks and cause massive physical damage

But much like similar proposals that have been hotly debated in Europe over recent years, this law is not enough to combat the growing threat on its own. The legislation may help ‘bring peace of mind’ to consumers but it’s just closing the door after the horse has galloped away with your data. Yes, consumers should be warned to change their passwords and check bank statements quickly in light of a breach, but of most importance should be the opportunity for affected companies and law enforcement to work together to identify and shut down the hackers for good. In short, this legislation will do little to tackle this and help prevent the breaches in the first place.

The danger from advanced threats and data breaches just got less digital and more real. In December, the German government revealed details of a sophisticated social engineering and phishing attack that reports say caused “massive damage” to a steelworks’ blast furnace.  According to Wired magazine, we've not seen confirmed physical damage from a cyber-weapon since Stuxnet, the virus revealed in 2010 that ravaged centrifuges in Iran's nuclear facilities.

So, if Target, Home Depot and ICANN taught us anything, it’s that security needs to be a top priority – and IT teams should be even more cautious. With their elevated administrative privileges, IT often becomes the primary target for attacks, as they allow an easy pivot point to gain access inside the network.

These phishing attacks could have been prevented with greater pre-emption of human nature. The bottom line is: without the right protection in place, it's inevitable that one of your employees (even someone in your supply chain) will, sooner or later, receive a seemingly innocent email and click on a dangerous link. For companies without appropriate security and employee education in place, this year will likely be a repeat of the last.


Expert Webcast and Live Q&A - Forrester Research analyst Rick Holland and Mimecast’s Steve Malone share essential advice to protect your business against spear-phishing and targeted attacks.

Join us on Wednesday, January 21 at 11am Eastern (1600 UK, 1800 RSA).

Register Free Here. Webinar now complete.